From 5b0d3c018d58332c120c314b107104796f6139e3 Mon Sep 17 00:00:00 2001 From: millert Date: Fri, 23 Jul 2010 20:14:23 +0000 Subject: [PATCH] Block all signals before sending SIGTERM to all non-system processes. This ensures that we reach the call to reboot(2) without being killed by some other process. OK deraadt@ nicm@ --- sbin/reboot/reboot.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/sbin/reboot/reboot.c b/sbin/reboot/reboot.c index bcf03e0c577..dc5f96d03ad 100644 --- a/sbin/reboot/reboot.c +++ b/sbin/reboot/reboot.c @@ -1,4 +1,4 @@ -/* $OpenBSD: reboot.c,v 1.30 2009/10/27 23:59:34 deraadt Exp $ */ +/* $OpenBSD: reboot.c,v 1.31 2010/07/23 20:14:23 millert Exp $ */ /* $NetBSD: reboot.c,v 1.8 1995/10/05 05:36:22 mycroft Exp $ */ /* @@ -62,6 +62,7 @@ main(int argc, char *argv[]) struct passwd *pw; int ch, howto, lflag, nflag, pflag, qflag; char *p, *user; + sigset_t mask; p = __progname; @@ -192,6 +193,13 @@ main(int argc, char *argv[]) } } + /* + * Point of no return, block all signals so we are sure to + * reach the call to reboot(2) unmolested. + */ + sigfillset(&mask); + sigprocmask(SIG_BLOCK, &mask, NULL); + /* Send a SIGTERM first, a chance to save the buffers. */ if (kill(-1, SIGTERM) == -1) { /* -- 2.20.1